Added TLS certificates.
This commit is contained in:
parent
5afbef0177
commit
e77181ce67
|
@ -4,3 +4,7 @@ cmake_minimum_required(VERSION 3.16)
|
||||||
|
|
||||||
include($ENV{IDF_PATH}/tools/cmake/project.cmake)
|
include($ENV{IDF_PATH}/tools/cmake/project.cmake)
|
||||||
project(dht_temp)
|
project(dht_temp)
|
||||||
|
|
||||||
|
# Add client certificate, private key and CA bundle to project:
|
||||||
|
target_add_binary_data(${CMAKE_PROJECT_NAME}.elf "assets/client.crt" TEXT)
|
||||||
|
target_add_binary_data(${CMAKE_PROJECT_NAME}.elf "assets/client.key" TEXT)
|
||||||
|
|
68
assets/ca/ca-bundle.pem
Normal file
68
assets/ca/ca-bundle.pem
Normal file
|
@ -0,0 +1,68 @@
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIF1DCCA7ygAwIBAgIBATANBgkqhkiG9w0BAQsFADB7MRMwEQYKCZImiZPyLGQB
|
||||||
|
GRYDbW9lMRMwEQYKCZImiZPyLGQBGRYDaW1pMQ8wDQYDVQQKDAZpTS5JbmMxHjAc
|
||||||
|
BgNVBAsMFWlNLkluYyBJb1QgUm9vdCBDQSBHMjEeMBwGA1UEAwwVaU0uSW5jIElv
|
||||||
|
VCBSb290IENBIEcyMB4XDTIwMTEyMTEyMTk0NVoXDTMwMTEyMTEyMTk0NVowezET
|
||||||
|
MBEGCgmSJomT8ixkARkWA21vZTETMBEGCgmSJomT8ixkARkWA2ltaTEPMA0GA1UE
|
||||||
|
CgwGaU0uSW5jMR4wHAYDVQQLDBVpTS5JbmMgSW9UIFJvb3QgQ0EgRzIxHjAcBgNV
|
||||||
|
BAMMFWlNLkluYyBJb1QgUm9vdCBDQSBHMjCCAiIwDQYJKoZIhvcNAQEBBQADggIP
|
||||||
|
ADCCAgoCggIBAOjHqAyz7LVqG0yQV6aEaoaEIXaF3dK5vr/in4vyu/ylp7aBmJi0
|
||||||
|
UkFV1TYbaT4EEGguYaigyOWPUlyIgrDDMdpEGefNeLPh2wiPeHGe7NBsu/7PcyD6
|
||||||
|
1eoM7tKX11C6LtoMpH7hTudfRBj86xUqXib0KofbnqvtwcihbEj60M/TWqafwflJ
|
||||||
|
hO5tBzpq4Tgcj8UFRYN7SSKgUG9XI00sH8g3WBKwIPfAI8lbr7UfDvbuIAyedzCp
|
||||||
|
7wYQbfY6SQWl9ORig6b50TnJpJQa4J3dwi/d0I0wJmKMLUD1OXSzwYSP/0ra6hx0
|
||||||
|
0VAy/HqWD6aPea/Pt+yp7RrtoLhmNRmOg65vrguYDffUc4SLm/A77yWmjFyx5Nla
|
||||||
|
G/NgltND9YbD/hD3URyKlXMiKvBCJkXiQnnUcAkVOSp8SftsZZnIOH1yTsKDQ5Ya
|
||||||
|
m/CufjUQNrA7cPszwjRLPnNTiTN7YBYIPzr+6rpHfCYT2RFQ6+s9c0xBwgZGleLh
|
||||||
|
XAa0Ky/JadU1trpOYwQn5m+HWrDyYivE32PfddSumUbiNOPxQzmePFcZ4YPiqWhf
|
||||||
|
DDB+miFr7Nc+r2ptGUBDXGt1bOojtVGqxMMQGmqIz93JQs5jgn1kltcakwyZSYQL
|
||||||
|
htplyOlXMDqieMYIgKnLnnTd8un5nCFfVJzPnKRNUANW9A1htLfpAHu5AgMBAAGj
|
||||||
|
YzBhMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQd
|
||||||
|
mQ8/CUEz8dt/eS2ROb6Ng8HS7DAfBgNVHSMEGDAWgBQdmQ8/CUEz8dt/eS2ROb6N
|
||||||
|
g8HS7DANBgkqhkiG9w0BAQsFAAOCAgEAQIoSPNiVeKA8kuGv44KskhCxAyKyjaRZ
|
||||||
|
muLSYiOeHVI8EqywsFNN8ObMx1zvQwGbNlKjMDIE4o0H1S+CsSpCWMWDLybYCIyN
|
||||||
|
w2InHE25SXJks/vz5B9sP1PDZ1ekDD0X4CrqFqEpd0aQxg/4ykl+zEov/+ivC8Y4
|
||||||
|
TN7/CtGO6rxIM+yG7hQZBj8VZmIURc90+Nb9RMSSx6or8zt0NCz1fEqc7M/MLtxj
|
||||||
|
FvSu8Dcm8YT+yaXhGtRQscH9aXb4J3iOXm2G4//WgYuJ5bjo3CFuSyqFtvhGWwOP
|
||||||
|
A7DsK/yS+Wx/ZXMqCDp2lCU2s1Fmav3b47iqBvZUESYgwq8gOSslM9W8MnwaaylZ
|
||||||
|
+DO2ij+ISNJgURFbDFENxll2fTrSS7gMXaMdXB15PEng/DthsE6j5vJrWpUAXqei
|
||||||
|
KBnA9UYrkg/6s+H7yKDEh/YLaWA2EyIzWV/EE6ZTcdbMfuFz1sPKJRxqNgWfWOr1
|
||||||
|
gO3c4UVWv3hs1ooj4DQV/4tHodh9Q+lbZNpzq1Jxgx+A4I/TODhnf/2W1bAehWOu
|
||||||
|
RZ/7QI+Hd5TZ0pDpHnyMu03i2Felo25Tff2i78Lypxw0bjCCvr/uP6NV7jLDOYST
|
||||||
|
US7IDJgrvAycyZNADuW2qpzMmpdMj4HP3axG6O7Y1qR7g3ExiVk679nWEhubdSsD
|
||||||
|
OBsrrOf8vtk=
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIF1zCCA7+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADB7MRMwEQYKCZImiZPyLGQB
|
||||||
|
GRYDbW9lMRMwEQYKCZImiZPyLGQBGRYDaW1pMQ8wDQYDVQQKDAZpTS5JbmMxHjAc
|
||||||
|
BgNVBAsMFWlNLkluYyBJb1QgUm9vdCBDQSBHMjEeMBwGA1UEAwwVaU0uSW5jIElv
|
||||||
|
VCBSb290IENBIEcyMB4XDTIwMTEyMTEyMjAxNloXDTMwMTEyMTEyMjAxNlowezET
|
||||||
|
MBEGCgmSJomT8ixkARkWA21vZTETMBEGCgmSJomT8ixkARkWA2ltaTEPMA0GA1UE
|
||||||
|
CgwGaU0uSW5jMR4wHAYDVQQLDBVpTS5JbmMgSW9UIFNpZ25pbmcgQ0ExHjAcBgNV
|
||||||
|
BAMMFWlNLkluYyBJb1QgU2lnbmluZyBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIP
|
||||||
|
ADCCAgoCggIBALrdwJEXhTNlb6WIN0BC+5zYD8BsLk3QiHswtnGbFG6JjCMtW6KO
|
||||||
|
U7EjN1i5LfJjHuZyqy7s2ztDFeMsTAdUq6qSInaZxoAxG0wJ0FvL13wHoab9Y454
|
||||||
|
5MIWjOWgV30RwD6D74IxJz43+4GOnzwZipD6G2Qok6jEYeLDOsO0r/idYaEfrz81
|
||||||
|
U8+845jeifDVMW+ZCsc6770hKNl+SbtsrpI1Gef2UtMf7W/gxQOILv05b5YOYODC
|
||||||
|
RqJZ2LnTZyZklzWhFxUqqSFbRoxsqEZppcVQR926c86VslKyuKuuLcVHaN53KkF0
|
||||||
|
W2fGnHvFQrHV9UZfOn0RQiaFe91uZrXf5nufeNYHJznDiQ+Lvm+0ywJ+oEaTn1sp
|
||||||
|
/ZW+qOJ7Af9QuF5CXzdlbR/eTTub+40sSIiHp93NxFUswZAbcKew9/YnW6VxDMkG
|
||||||
|
uaaYQNEY3vEOtocAu1ReBwPnp0v5nI7iOOMZuBki81tjO7oOjl6V5mw2iRUnICfc
|
||||||
|
Y/jKp49YT+L7y/6wB+0uY6xQyR+dcVF+0ANHgGsu1l4vMaOI7DzIzbVagGL1fsJR
|
||||||
|
WP7sdERiinO9kgx0FxKz8okYxQ0+JpDgjVkwuvXRc4neW55gRXv/3PKrAW8JRSCk
|
||||||
|
ve8/L/JFxAbnQH0hsV66ehQGJuTxl5EvzC+ljSq8h2qdcGNhMWP4SSopAgMBAAGj
|
||||||
|
ZjBkMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQW
|
||||||
|
BBT6gJ+WDsxRWpAg8gM+Ro8abstW7jAfBgNVHSMEGDAWgBQdmQ8/CUEz8dt/eS2R
|
||||||
|
Ob6Ng8HS7DANBgkqhkiG9w0BAQsFAAOCAgEAlT8CkihB4u4WWL6py5xGBKSnz0KZ
|
||||||
|
5Fx/OJuqOe5LloMs7TFQsU0rDogx+CD9DVStIeJqyk0v3SK3JTpghVgMfZC+me+h
|
||||||
|
8PNIL30ZOjMF/+BolGzcTDqwNXpFdqL9A8V+C2+grJw81EdHl6ap6/jBwqAWato3
|
||||||
|
xpElWxSFaF8MkJwns/Dr2e8u9IH+jcWXrueaY8lYI3i+sLUDCBG1Z0jvu7thSDRV
|
||||||
|
lYywVUFIMGZz91BkmBtAYasXSo2fWjXJNwjpu0f+stlig5YuxmZ7CAfxrzMNllUM
|
||||||
|
6mJ+rJj4KTCD1DUChAUlGn++SCpXon+4drjp3fmilnF5PUKQ4NVlLuMTIta2OO/k
|
||||||
|
CeEbyKORmiUCKpnbzouOz6Pl6alW3PSlmU2qP58gYSbDa7OSyP1xb0e4gD9Wh7d5
|
||||||
|
UlD9oDxQyWRLD40K669IfZoXZVnQoefGvxjhPJse5XYD/4w6Pnf83ZG6pzXl6kxL
|
||||||
|
/+zx4uGc4Wwnl/GAZ/YbVvudB3zMRuwQwpG/WDuXYAyGoep5znIAe39i0KUj2M8/
|
||||||
|
cBBXYLO/XmsFK/CL/FZ+J8qYS6EqwUTWb1g2xvonkVIAHPpyFvk21pn22jwGOpFB
|
||||||
|
pPSeIQhhKQ4wKQnIONWfmVUs+058i6VRFUFkqHYwWmchYNFB96IxTRfdQRpV0YKC
|
||||||
|
DXBx2FuyJRFR9As=
|
||||||
|
-----END CERTIFICATE-----
|
29
assets/client.crt
Normal file
29
assets/client.crt
Normal file
|
@ -0,0 +1,29 @@
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIE5jCCAs6gAwIBAgIBBDANBgkqhkiG9w0BAQsFADB7MRMwEQYKCZImiZPyLGQB
|
||||||
|
GRYDbW9lMRMwEQYKCZImiZPyLGQBGRYDaW1pMQ8wDQYDVQQKDAZpTS5JbmMxHjAc
|
||||||
|
BgNVBAsMFWlNLkluYyBJb1QgU2lnbmluZyBDQTEeMBwGA1UEAwwVaU0uSW5jIElv
|
||||||
|
VCBTaWduaW5nIENBMB4XDTIyMDcwNDEzNDkxNVoXDTI0MDcwMzEzNDkxNVowZzET
|
||||||
|
MBEGCgmSJomT8ixkARkWA21vZTETMBEGCgmSJomT8ixkARkWA2ltaTEPMA0GA1UE
|
||||||
|
CgwGaU0uSW5jMRMwEQYDVQQLDApJb1QgU3lzdGVtMRUwEwYDVQQDDAxFU1BfREhU
|
||||||
|
X1RlbXAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtKqSGU7OsJQKE
|
||||||
|
/ap3FWFS8d9P0ZPDhwr8FBfGnU9Os9tuERENM7mDFdAISUiKD3t3xfGX+hOLStYm
|
||||||
|
9A0vZtWoq6Qhl2pPd7O7yi7Jw5OLSlNmoovClp78dyA82ECszYsEp32fw6nSbhmL
|
||||||
|
YKTZMYYcdGQO96NWUXvHjuimpCbcUeaDD8yad2TYkb57na3DJp+UNxdf+mvR2beY
|
||||||
|
RGkmsIn84UP9edmV2lPgx8rNQOGH8mxTMDtU4D0taQF+n/2W/awi+yMtsdjf811+
|
||||||
|
CwSipyVvo8Sb2zl3IHBcI2uD3gSpJ6pjMkExB6TnO+bE3o4iby+iBAmm9rREiO5l
|
||||||
|
y9WmGYsfAgMBAAGjgYgwgYUwDgYDVR0PAQH/BAQDAgeAMAkGA1UdEwQCMAAwEwYD
|
||||||
|
VR0lBAwwCgYIKwYBBQUHAwIwHQYDVR0OBBYEFPealnfk4PmDut1rni1pUF5c7lPq
|
||||||
|
MB8GA1UdIwQYMBaAFPqAn5YOzFFakCDyAz5Gjxpuy1buMBMGA1UdEQQMMAqCCGRo
|
||||||
|
dF90ZW1wMA0GCSqGSIb3DQEBCwUAA4ICAQAFwWkFP/qrYamU7JCRsReW0BTtPxQD
|
||||||
|
qPYkdff7IO5mwXcbJZKK9HaueCtItMgl8l9SUMdiNdHETodOAuTRtjI9vaDm1bai
|
||||||
|
nnQdxNYUQHDZc0NHurTKzLr7gTlE61Hk84Y6Erd/AiwfyqT+832jCinjS3bpY37s
|
||||||
|
rWMxRbo1Abe+4V/+giV4Qqk5yYUHyevkO2zliyCk1FLpczRAGYBvQFBN+2Ggvimj
|
||||||
|
lcGhi6O5UCUgqbral3pgNgJ3W0ZPCZqd03B4aaauTvQ7QHk3d++kc/RYanHuWaD+
|
||||||
|
SEVgMVv13pG7ITggQxoRgKv51sNFcib3WZeJnisIQ4CnzILVaKTNbHKOg0K2YCk0
|
||||||
|
xnfcESJazQiaGHC0PFoVBqdO3NP/ISstr6vltJ1hHP6hUeOii0zJXbecD+I5rnsN
|
||||||
|
L6UapEfWvP+/Wt0Hv2ROp8Y2vPkjn9MXCgv5+MsbafnlpP98C8aifexgeygTXZGJ
|
||||||
|
pQCeqD39ZMvLwoMHjD9y+Qn6prJHrOAaH41S0mmYF7UirRjVVUp9J8BAnfTLhvgX
|
||||||
|
0CCWVipPChXM3r+w4j2+/Y7KuBuOtmPxLDVp6d/Tf96Bg33ZvD2GY7PetPeB7j5x
|
||||||
|
Ps+5+9X8cVfNUngzf8LlwTNDsUmECDXpLWri8rRfBBJiGT0CP4EqELvhTrle4uu3
|
||||||
|
8PHQZfCgDH9WJQ==
|
||||||
|
-----END CERTIFICATE-----
|
|
@ -1,5 +1,6 @@
|
||||||
idf_component_register(
|
idf_component_register(
|
||||||
SRCS
|
SRCS
|
||||||
|
"app_mqtt.c"
|
||||||
"app_wifi.c"
|
"app_wifi.c"
|
||||||
"main.c"
|
"main.c"
|
||||||
"aht10/aht10.c"
|
"aht10/aht10.c"
|
||||||
|
|
|
@ -17,4 +17,16 @@ menu "Application Configuration"
|
||||||
default 5
|
default 5
|
||||||
help
|
help
|
||||||
Set the Maximum retry to avoid station reconnecting to the AP unlimited when the AP is really inexistent.
|
Set the Maximum retry to avoid station reconnecting to the AP unlimited when the AP is really inexistent.
|
||||||
|
|
||||||
|
config APP_MQTT_BROKER_ADDR
|
||||||
|
string "MQTT broker connection string"
|
||||||
|
default "mqtt://127.0.0.1:1883"
|
||||||
|
help
|
||||||
|
Connection string for MQTT broker, use scheme://host:port format.
|
||||||
|
|
||||||
|
config APP_MQTT_TLS_CLIENT_PASSPHRASE
|
||||||
|
string "MQTT TLS Client Passphrase"
|
||||||
|
default "AAAAAAAAAAAAAAAA"
|
||||||
|
help
|
||||||
|
Passphrase to decrypt MQTT client private key.
|
||||||
endmenu
|
endmenu
|
||||||
|
|
50
main/app_mqtt.c
Normal file
50
main/app_mqtt.c
Normal file
|
@ -0,0 +1,50 @@
|
||||||
|
/* ESP drivers */
|
||||||
|
#include "esp_log.h"
|
||||||
|
#include "esp_system.h"
|
||||||
|
#include "esp_tls.h"
|
||||||
|
|
||||||
|
/* Cert bundle */
|
||||||
|
#include "esp_crt_bundle.h"
|
||||||
|
|
||||||
|
/* MQTT client */
|
||||||
|
#include "mqtt_client.h"
|
||||||
|
|
||||||
|
extern const char mqtt_client_cert_start[] asm("_binary_client_crt_start");
|
||||||
|
extern const char mqtt_client_cert_end[] asm("_binary_client_crt_end");
|
||||||
|
extern const char mqtt_client_key_start[] asm("_binary_client_key_start");
|
||||||
|
extern const char mqtt_client_key_end[] asm("_binary_client_key_end");
|
||||||
|
|
||||||
|
static void app_mqtt_event_handler(void *arg, esp_event_base_t event_base, int32_t event_id, void *event_data);
|
||||||
|
static void app_mqtt_task(void *pvParameters);
|
||||||
|
|
||||||
|
esp_err_t app_mqtt_init(void) {
|
||||||
|
if (xTaskCreate(app_mqtt_task, "MQ_TASK", 2048, NULL, 2U, NULL) != pdPASS) {
|
||||||
|
return ESP_FAIL;
|
||||||
|
}
|
||||||
|
|
||||||
|
return ESP_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
static void app_mqtt_task(void *pvParameters) {
|
||||||
|
const esp_mqtt_client_config_t mqtt_cfg = {
|
||||||
|
.uri = CONFIG_APP_MQTT_BROKER_ADDR,
|
||||||
|
.client_cert_pem = mqtt_client_cert_start,
|
||||||
|
.client_key_pem = mqtt_client_key_start,
|
||||||
|
.clientkey_password = CONFIG_APP_MQTT_TLS_CLIENT_PASSPHRASE,
|
||||||
|
.clientkey_password_len = strlen(CONFIG_APP_MQTT_TLS_CLIENT_PASSPHRASE),
|
||||||
|
.crt_bundle_attach = esp_crt_bundle_attach,
|
||||||
|
};
|
||||||
|
|
||||||
|
esp_mqtt_client_handle_t client = esp_mqtt_client_init(&mqtt_cfg);
|
||||||
|
esp_mqtt_client_register_event(client, ESP_EVENT_ANY_ID, app_mqtt_event_handler, NULL);
|
||||||
|
|
||||||
|
esp_mqtt_client_start(client);
|
||||||
|
|
||||||
|
for (;;) {
|
||||||
|
vTaskSuspend(NULL);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
static void app_mqtt_event_handler(void *arg, esp_event_base_t event_base, int32_t event_id, void *event_data) {
|
||||||
|
/**/
|
||||||
|
}
|
8
main/include/app_mqtt.h
Normal file
8
main/include/app_mqtt.h
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
#ifndef APP_MQTT_H
|
||||||
|
#define APP_MQTT_H
|
||||||
|
|
||||||
|
#include "esp_system.h"
|
||||||
|
|
||||||
|
esp_err_t app_mqtt_init(void);
|
||||||
|
|
||||||
|
#endif
|
|
@ -18,6 +18,7 @@
|
||||||
|
|
||||||
/* Config */
|
/* Config */
|
||||||
#include "app_wifi.h"
|
#include "app_wifi.h"
|
||||||
|
#include "app_mqtt.h"
|
||||||
#include "sdkconfig.h"
|
#include "sdkconfig.h"
|
||||||
|
|
||||||
#define APP_LOG_TAG "MAIN"
|
#define APP_LOG_TAG "MAIN"
|
||||||
|
@ -46,5 +47,7 @@ void app_main(void) {
|
||||||
/* ?? */
|
/* ?? */
|
||||||
}
|
}
|
||||||
|
|
||||||
|
ESP_ERROR_CHECK(app_mqtt_init());
|
||||||
|
|
||||||
vTaskSuspend(NULL);
|
vTaskSuspend(NULL);
|
||||||
}
|
}
|
||||||
|
|
1232
sdkconfig.old
1232
sdkconfig.old
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue
Block a user